DETAILED ACTION

1. Claims 1-16 have been examined. 

Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness
rejections set forth in this Office action:

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art 
are such that the subject matter as a whole would have been obvious at the time the invention was made to a 
person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 

3. Claims 1-16 are rejected under 35 U.S.C. 103(a) as being unpatentable over Kloth (U.S.
Patent No. 6,598,034) in view of Lorrain et al. (hereinafter referred to as Lorrain) (U.S. Patent No.
6,636,512).

4. As per claim 1, Kloth discloses a method for preventing denial of service attacks over a
data network including a plurality of traffic flows each formed by a plurality of data
packets, the method comprising:

scanning the contents of the data packet; (column 4, lines 40-43)

verifying that the data packets conform to a set of predetermined
requirements; (column 4, lines 40-45; column 6, lines 18-20; column 5, lines 4-10)

checking if the data packet is associated with a validated traffic flow; and [column 10,
lines 38-46; column 10, lines 55-57]

Kloth discloses a rule (requirement) generator for providing rules for processing the
data packets according to the analyzed bit patterns; and the rules are applied to the bit
patterns which are parsed from the IP flow and IP packets traffic types and priorities resulting
from application of the rules (requirements) are mapped onto the existing Quality of service
(QOS) assignments. (column 16, lines 43-49). Kloth further discloses that the different service levels
can be used to further decide the appropriate routing speed (priority) to be applied to the data
packet. (column 7, lines 45-49).

Kloth does not explicitly teach placing the data packet in a higher priority quality of service if
the data packet is associated with a validated traffic flow; and to a low priority quality of service if it is
not associated with a validated traffic flow. However, Lorrain discloses reserving bandwidth for
higher priority quality of service if the data packet is associated with Real Time (RT) traffic
(interpreted as "validated traffic" by the office) and serving the packet that is associated with
Non Real Time (NRT) traffic (interpreted by the office as "non validated traffic") with lower
quality of service, after all the higher priority traffic has been served. (column 2, lines 20-37).
Accordingly, it would have been obvious to one having ordinary skill in the art at the time the invention
was made to combine Kloth's assignment of different Quality of service as per the teachings of
Lorrain in order to prevent denial of service by placing the data packet in a higher priority
quality of service if the data packet is associated with a Real Time or validated traffic flow and
to a low priority quality of service if it is not associated with a Real Time traffic flow (validated
traffic flow).

5. As per claim 7, Kloth discloses the method of preventing denial of service attacks on a data
network which includes a plurality of traffic flows each formed by multiple data packets
having header and payload information, the method using a network device
comprising a traffic flow scanning engine; and a quality of service processor having
a low priority queue and higher priority queues, the method comprising:

scanning the header information using traffic flow scanning engine; (column 4, lines 40-43;
column 3, lines 62-63)

reordering and reassembling the data packets using the traffic flow scanning 
engine; [column 7, lines 26-28] 

flagging data packets that do not reorder or reassemble correctly to be 
dropped; [column 12, lines 5-11] 

scanning the payload contents using the traffic flow scanning engine; [column 8, lines
37-47; column 3, lines 62-63; column 10, lines 38-42]

determining whether the data packets conform to a set of predetermined
requirements; [column 4, lines 40-45; column 6, lines 18-20; column 5, lines 4-10]

flagging data packets that do not conform to be dropped; [column 5, lines 4-10]

checking if the data packets are associated with a validated traffic flow; and [column
10, lines 38-46; column 10, lines 55-57]

Kloth discloses a rule (requirement) generator for providing rules for processing the data
packets according to the analyzed bit patterns; and the rules are applied to the bit patterns
which are parsed from the IP flow and IP packets traffic types and priorities resulting from
application of the rules (requirements) are mapped onto the existing Quality of service (QOS)
assignments. (column 16, lines 43-49). Kloth further discloses that the different service levels can be
used to further decide the appropriate routing speed (priority) to be applied to the data
packet. (column 7, lines 45-49).

Kloth does not explicitly teach assigning the data packets to a higher priority quality of service
if the data packet is associated with a validated traffic flow; and to a low priority quality of service if the
data packet is not associated with a validated traffic flow. Kloth also does not explicitly teach
flagging the data packets that do not reorder or reassemble correctly to be dropped and
flagging data packets that do not conform to be dropped.

However, Lorrain discloses reserving bandwidth for higher priority quality of service if the data
packet is associated with Real Time (RT) traffic (validated traffic) and serving the packet that
is associated with Non Real Time (NRT) traffic or non validated traffic with lower quality of
service, after all the higher priority traffic has been served. (column 2, lines 20-37).
Lorrain further discloses that packets that are dropped within the network are flagged as
discardable packets through the use of the so-called Discardable Eligibility (DE) identifier bit.
[column 2, lines 17-19]

Accordingly, it would have been obvious to one having ordinary skill in the art at the time the invention
was made to combine Kloth's assignment of different Quality of service and at the same
time flagging of the dropped packets as per the teachings of Lorrain in order to prevent denial of
service by assigning the data packet in a higher priority quality of service if the data packet is
associated with a Real Time or validated traffic flow and to a low priority quality of service if it
is not associated with a Real Time traffic flow (validated traffic flow) and drop packets that do
not satisfy the requirements.



6. As per claim 12, Kloth discloses a network device for preventing denial of service
attacks on a data network which includes a plurality of traffic flows each formed by multiple data
packets having contents including header information and payload information, the
network device comprising:

a traffic flow scanning engine operable to scan the header and payload
information of the data packets, to associate each data packet with a particular
traffic flow and to determine whether each traffic flow is a validated traffic flow or
a non-validated traffic flow, wherein the traffic flow scanning engine is further
operable to reorder and reassemble the data packets and to verify that the data
packet conforms to predetermined requirements such that the traffic flow scanning engine
produces a conclusion associated with each data packet; and (column 4, lines 40-43; column
3, lines 62-63; column 3, column 8, lines 37-46; column 3, lines 62-63; column 7, lines 30-49;
column 7, lines 26-28; column 4, lines 40-45; column 6, lines 18-20; column 5, lines 4-10;
column 4, lines 12-13).

Kloth discloses a quality of service processor connected to the traffic flow scanning engine
and operable to place the data packets into a quality of service queue from a
plurality of quality of service queues based on the conclusion from the traffic flow
scanning engine. (column 7, lines 41-45; column 12, lines 60-67; figure 11)

Kloth discloses a rule (requirement) generator for providing rules for processing the data
packets according to the analyzed bit patterns; and the rules are applied to the bit patterns
which are parsed from the IP flow and IP packets traffic types and priorities resulting from
application of the rules (requirements) are mapped onto the existing Quality of service (QOS)
assignments. (column 16, lines 43-49). Kloth further discloses that the different service levels can be
used to further decide the appropriate routing speed (priority) to be applied to the data
packet. (column 45-49).

Kloth does not explicitly teach a quality of service processor connected to the traffic flow
scanning engine and operable to place the data packets into a quality of service queue from a
plurality of quality of service queues based on the conclusion from the traffic flow
scanning engine, wherein data packets from non-validated traffic flows are assigned
to a low priority queue and data packets from validated traffic flows are assigned to a
higher priority queue based on its contents. However, Lorrain discloses reserving bandwidth for
higher priority quality of service if the data packet is associated with Real Time (RT) traffic
(validated traffic) and serving the packet that is associated with Non Real Time (NRT) traffic or
non validated traffic with lower quality of service, after all the higher priority traffic has been
served. (column 2, lines 20-37).

Accordingly, it would have been obvious to one having ordinary skill in the art at the time the invention
was made to combine Kloth's assignment of different Quality of service as per the teachings of
Lorrain in order to prevent denial of service by assigning the data to a low priority quality
queue for the data packet if it is not associated with a Real Time traffic flow (validated traffic
flow) and assigned to higher priority queues based on its content.

7. As per claim 2, the combination of Kloth and Lorrain teaches the method as applied to
claim 1 above. Furthermore Kloth teaches the method wherein verifying includes insuring that
the data packet reorder and reassemble according to a defined policy and insuring that the
data packets conform to required parameters, (column 7, lines 26-28; column 6, lines 32-35;
column 5, lines 4-10).

8. As per claim 3, the combination of Kloth and Lorrain teaches the method as applied to
claim 1 above. Furthermore Kloth teaches the method further comprising between verifying
and checking:

dropping the data packet if it does not conform to the set of predetermined
requirements, (column 5, lines 4-10)

9. As per claim 4, the combination of Kloth and Lorrain teaches the method as applied to
claim 3 above. Furthermore Kloth teaches the method wherein scanning includes scanning of
the data packet's header information and scanning of the data packet's payload contents, (column
8, lines 40-42)

10. As per claims 5, 8 and 16, the combination of Kloth and Lorrain teaches the method as
applied to claims 1, 7 and 12 above. Furthermore Kloth teaches the method wherein the
predetermined requirements include packet length, non-overlapping offset fields, and adherence to protocol
standards, (column 4, lines 5-8)

11. As per claims 6 and 11, the combination of Kloth and Lorrain teaches the method as applied
to claims 5 and 7 above. Furthermore Lorrain teaches the method wherein the validated traffic
flows are identified by a state associated with each traffic flow. (column 2, lines 20-37; column 12, lines
17-19)

12. As per claim 9, the combination of Kloth and Lorrain teaches the method as applied to claim
7 above. Furthermore Lorrain teaches the method wherein flagged data packets are dropped by
the traffic flow scanning engine, (column 2, lines 15-19)

13. As per claim 10, the combination of Kloth and Lorrain teaches the method as applied to
claim 7 above. Furthermore Lorrain teaches the method wherein flagged data packets are
dropped by the quality of service processor [column 2, lines 15-19]

14. As per claim 13, the combination of Kloth and Lorrain teaches the method as applied to
claim 12 above. Furthermore Lorrain teaches the method wherein the low priority queue is
assigned to a maximum percentage of network bandwidth, (column 2, lines 31-36)

15. As per claim 14, the combination of Kloth and Lorrain teaches the method as applied to claim
12 above. Furthermore Kloth teaches the method wherein traffic packets that do not
reorder or reassemble correctly and data packets that do not conform to the
predetermined requirements are dropped by the network device. [column 12, lines 5-10]

16. As per claim 15, the combination of Kloth and Lorrain teaches the method as applied to
claim 12 above. Furthermore Lorrain teaches the method wherein the traffic flows are
identified by a state associated with each traffic flow, the state representing whether the
traffic flow is validated or non-validated. [column 2, lines 20-37]. (It is interpreted by the office
that Real Time traffic is considered to be validated traffic and, on the other hand, Non Real Time
traffic is considered to be non-validated traffic.)



Conclusion

Any inquiry concerning this communication or earlier communications from the
examiner should be directed to Samson B Lemma whose telephone number is 703-305-8745.
The examiner can normally be reached on Monday-Friday (8:00 am - 4:30 pm).

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, BARRON JR GILBERTO can be reached on 703-305-1830. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 